﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Data.SqlClient;
using DTO;
using System.Security.Cryptography;

namespace DAO
{
  public class NguoiDungDAO
    {
      public List<NguoiDungDTO> DanhSachNguoiDung()
      {
          List<NguoiDungDTO> kq = new List<NguoiDungDTO>();
          DataProvider dp = new DataProvider();
          string strsql = "select*from NguoiDung";
          dp.Connect();
          SqlDataReader dr = dp.ExecuteQuery(strsql);
          if (dr.HasRows)
          {
              while (dr.Read())
              {
                  NguoiDungDTO nd = new NguoiDungDTO();
                  nd.MaNhanVien = dr["MaNhanVien"].ToString();
                  nd.MatKhau = dr["MatKhau"].ToString();
                  nd.TenDangNhap = dr["TenDangNhap"].ToString();
              }
          }
          return kq;
      }
      public NguoiDungDTO LayNguoiDungByTenDangNhap(string tenDangNhap)
      {
          NguoiDungDTO nd = new NguoiDungDTO();
          string strsql = "select*from NguoiDung where TenDangNhap='" + tenDangNhap + "'";
          DataProvider dp = new DataProvider();
          dp.Connect();
          SqlDataReader dr = dp.ExecuteQuery(strsql);
          dr.Read();
          nd.MaNhanVien = dr["MaNhanVien"].ToString();
          nd.MatKhau = dr["MatKhau"].ToString();
          nd.TenDangNhap = dr["TenDangNhap"].ToString();
          dp.Disconnect();
          return nd;
      }
      public NguoiDungDTO LayNguoiDungByMaNhanVien(int maNhanVien)
      {
          NguoiDungDTO nd = new NguoiDungDTO();
          string strsql = "select*from NguoiDung where TenDangNhap=" + maNhanVien ;
          DataProvider dp = new DataProvider();
          dp.Connect();
          SqlDataReader dr = dp.ExecuteQuery(strsql);
          dr.Read();
          nd.MaNhanVien = dr["MaNhanVien"].ToString();
          nd.MatKhau = dr["MatKhau"].ToString();
          nd.TenDangNhap = dr["TenDangNhap"].ToString();
          dp.Disconnect();
          return nd;
      }
      public Boolean ThemNguoiDung(NguoiDungDTO nd)
      {
          Boolean kq = false;
          string strsql = "insert into NguoiDung(TenDangNhap,MatKhau,MaNhanVien)";
          strsql += "values('" + nd.TenDangNhap + "','" + nd.MatKhau + "'," + nd.MaNhanVien + ")";

          DataProvider dp = new DataProvider();
          dp.Connect();
          int i = dp.ExecuteNonQuery(strsql);
          if (i != 0)
              kq = true;
          dp.Disconnect();
          return kq;

         
      }
      public Boolean CapNhatNguoiDung(NguoiDungDTO nd)
      {
          Boolean kq = false;
          string strsql = "update NguoiDung set MatKhau='"+nd.MatKhau+"' and MaNhanVien="+nd.MaNhanVien+" where TenDangNhap='"+nd.TenDangNhap+"'";
          DataProvider dp = new DataProvider();
          dp.Connect();
          int i = dp.ExecuteNonQuery(strsql);
          if (i != 0)
              kq = true;
          dp.Disconnect();
          return kq;
      }
      public Boolean XoaNguoiDung(string tenDangNhap)
      {
          Boolean kq = false;
          string strsql = "delete from NguoiDung where TenDangNhap='"+tenDangNhap+"'";
          DataProvider dp = new DataProvider();
          dp.Connect();
          int i = dp.ExecuteNonQuery(strsql);
          if (i != 0)
              kq = true;
          dp.Disconnect();
          return kq;

      }
      public static string Encrypt(string inStr)
      {
          UnicodeEncoding ue = new UnicodeEncoding();
          byte[] bytes = ue.GetBytes(inStr); 
          MD5 md = new MD5CryptoServiceProvider();
          byte[] kq= md.ComputeHash(bytes); 
          return Convert.ToBase64String(kq);
      }

      public static bool DangNhap(string username, string password)
      {
          bool kq = false;
          string e_password = Encrypt(password);
          string sql = "select tendangnhap from nguoidung where tendangnhap='" + username + "' and matkhau='" + e_password + "'";
          DataProvider dp = new DataProvider();
          dp.Connect();
          object o = dp.ExecuteQueryScalar(sql);
          dp.Disconnect();
          if (o!=null)
              kq = true;
          return kq;
      }
      
      public static bool DoiMatKhau(string username, string newpass)
      {
          bool kq = false;
          string sql = "update nguoidung set matkhau='" + Encrypt(newpass) + "' where tendangnhap='" + username + "'";
          DataProvider dp = new DataProvider();
          dp.Connect();
          int i = dp.ExecuteNonQuery(sql);
          dp.Disconnect();
          if (i == 1)
              kq = true;
          return kq;
      }
    }
}
